diff --git a/code/websites/pokedex.online/server/middleware/auth.js b/code/websites/pokedex.online/server/middleware/auth.js
index 9aacf62..b158d68 100644
--- a/code/websites/pokedex.online/server/middleware/auth.js
+++ b/code/websites/pokedex.online/server/middleware/auth.js
@@ -18,7 +18,7 @@ import { verifyToken } from '../utils/jwt-utils.js';
 export function authMiddleware({ secret, optional = false } = {}) {
   return (req, res, next) => {
     const authHeader = req.headers.authorization;
-    
+
     if (!authHeader) {
       if (optional) {
         req.user = null;
@@ -46,7 +46,9 @@ export function authMiddleware({ secret, optional = false } = {}) {
       req.user = decoded;
       next();
     } catch (err) {
-      const code = err.message.includes('expired') ? 'TOKEN_EXPIRED' : 'INVALID_TOKEN';
+      const code = err.message.includes('expired')
+        ? 'TOKEN_EXPIRED'
+        : 'INVALID_TOKEN';
       return res.status(401).json({
         error: err.message,
         code
@@ -75,7 +77,9 @@ export function requirePermission(requiredPermissions) {
     }
 
     const userPermissions = req.user.permissions || [];
-    const hasPermission = permissions.some(perm => userPermissions.includes(perm));
+    const hasPermission = permissions.some(perm =>
+      userPermissions.includes(perm)
+    );
 
     if (!hasPermission) {
       return res.status(403).json({